From 5798e4b5f1f82107ca531497e470336490538077 Mon Sep 17 00:00:00 2001 From: Theron Voran Date: Tue, 14 Jun 2022 14:09:09 -0400 Subject: [PATCH] backport of commit 95662213036c2b46955746357040eff1892f8f7a --- .../content/docs/platform/k8s/injector/annotations.mdx | 9 +++++---- 1 file changed, 5 insertions(+), 4 deletions(-) diff --git a/website/content/docs/platform/k8s/injector/annotations.mdx b/website/content/docs/platform/k8s/injector/annotations.mdx index d5a8c4579d63..bf253d63b2f5 100644 --- a/website/content/docs/platform/k8s/injector/annotations.mdx +++ b/website/content/docs/platform/k8s/injector/annotations.mdx @@ -27,7 +27,7 @@ them, optional commands to run, etc. Agent configuration file and templates can be found. - `vault.hashicorp.com/agent-image` - name of the Vault docker image to use. This - value overrides the default image configured in the controller and is usually + value overrides the default image configured in the injector and is usually not needed. Defaults to `vault:1.7.2`. - `vault.hashicorp.com/agent-init-first` - configures the pod to run the Vault Agent @@ -224,9 +224,10 @@ etc. - `vault.hashicorp.com/role` - configures the Vault role used by the Vault Agent auto-auth method. Required when `vault.hashicorp.com/agent-configmap` is not set. -- `vault.hashicorp.com/service` - name of the Vault service to use. This value - overrides the default service configured in the controller and is usually not - needed. +- `vault.hashicorp.com/service` - configures the Vault address for the injected + Vault Agent to use. This value overrides the default Vault address configured + in the injector, and may either be the address of a Vault service within the + same Kubernetes cluster as the injector, or an external Vault URL. - `vault.hashicorp.com/tls-secret` - name of the Kubernetes secret containing TLS Client and CA certificates and keys. This is mounted to `/vault/tls`.